def test_encrypt_new_and_decrypt_use_only_first_254(self): splunk_secret1 = base64.b64encode(os.urandom(512))[:300] splunk_secret2 = splunk_secret1[:254] plaintext1 = base64.b64encode(os.urandom(255))[:24].decode() ciphertext = splunksecrets.encrypt_new(splunk_secret1, plaintext1) plaintext2 = splunksecrets.decrypt(splunk_secret2, ciphertext) self.assertEqual(plaintext2, plaintext1)
def parse_custom_credentials(logger, config): credentials = {} try: # Read the splunk.secret file with open( os.path.join(os.getenv('SPLUNK_HOME'), 'etc', 'auth', 'splunk.secret'), 'r') as ssfh: splunk_secret = ssfh.readline() # list all credentials for option in config: if option[0:10] == 'credential': logger.debug('option: ' + str(option)) config_value = config.get(option) logger.debug(config_value) try: hostname, username, password = config.get(option).split( ':') credentials[hostname] = {} credentials[hostname]['username'] = username credentials[hostname]['password'] = decrypt( splunk_secret, password) except: # Blank or wrong format. Ignore. pass return credentials except Exception as e: raise Exception("Could not parse credentials from Splunk. Error: %s" % (str(e)))
def test_end_to_end_nosalt(self): splunk_secret = base64.b64encode(os.urandom(255))[:254] plaintext1 = base64.b64encode(os.urandom(255))[:24].decode() ciphertext = splunksecrets.encrypt(splunk_secret, plaintext1, nosalt=True) plaintext2 = splunksecrets.decrypt(splunk_secret, ciphertext, nosalt=True) self.assertEqual(plaintext2, plaintext1)
def decrypt_with_secret(encrypted_text): # Check for encryption if encrypted_text[:1] == '$': # Decrypt the text # Read the splunk.secret file with open( os.path.join(os.getenv('SPLUNK_HOME'), 'etc', 'auth', 'splunk.secret'), 'r') as ssfh: splunk_secret = ssfh.readline() # Call the decrypt function from splunksecrets.py return decrypt(splunk_secret, encrypted_text) else: # Not encrypted return encrypted_text
def test_decrypt_unpadded_base64(self): plaintext = splunksecrets.decrypt( splunk_secret, "$1$iqw4ag" ) self.assertEqual(plaintext, "aaa")
def test_decrypt_character_matches_salt2(self): plaintext = splunksecrets.decrypt( splunk_secret, "$1$681ZK4BL5qRLsmMRT6EotpYVgOge69IZZhhxq0P+2ZBCaRTkci1IwiwRG9Ty2bHaSoG1p9QSXWIYA7mrYsyFqfWYqlvg+oQ+sg==" # noqa: E501 ) self.assertEqual(plaintext, "DEFAULTSA" * 8)
def test_decrypt_character_matches_salt1(self): plaintext = splunksecrets.decrypt( splunk_secret, "$1$qowYK8EKp+UK" ) self.assertEqual(plaintext, "A" * 8)
def test_decrypt_new(self): plaintext = splunksecrets.decrypt( splunk_secret, "$7$aTVkS01HYVNJUk5wSnR5NIu4GXLhj2Qd49n2B6Y8qmA/u1CdL9JYxQ==" ) self.assertEqual(plaintext, "temp1234")
def test_decrypt_nosalt(self): plaintext = splunksecrets.decrypt(splunk_secret, "$1$2+1yGuQ1gcMK", nosalt=True) self.assertEqual(plaintext, "temp1234")
def test_decrypt(self): plaintext = splunksecrets.decrypt(splunk_secret, "$1$n6g0W7F51ZAK") self.assertEqual(plaintext, "temp1234")
def test_end_to_end_character_matches_salt(self): splunk_secret = base64.b64encode(os.urandom(255))[:255] plaintext1 = "".join([random.choice("DEFAULTSA") for _ in range(24)]) ciphertext = splunksecrets.encrypt(splunk_secret, plaintext1) plaintext2 = splunksecrets.decrypt(splunk_secret, ciphertext) self.assertEqual(plaintext2, plaintext1)
def test_end_to_end(self): splunk_secret = base64.b64encode(os.urandom(255))[:255] plaintext1 = base64.b64encode(os.urandom(255))[:24].decode() ciphertext = splunksecrets.encrypt(splunk_secret[:16], plaintext1) plaintext2 = splunksecrets.decrypt(splunk_secret[:16], ciphertext) self.assertEqual(plaintext2, plaintext1)
def test_decrypt_new(self): plaintext = splunksecrets.decrypt( splunk_secret, "$7$aTVkS01HYVNJUk5wSnR5NKR+EdOfT4t84WSiXvPFHGHsfHtbgPIL3g==") self.assertEqual(plaintext, "temp1234")
def test_decrypt_raises_value_error_short_secret2(self): with self.assertRaises(ValueError): splunk_secret = base64.b64encode(os.urandom(255))[:253] splunksecrets.decrypt( splunk_secret, "$7$aTVkS01HYVNJUk5wSnR5NKR+EdOfT4t84WSiXvPFHGHsfHtbgPIL3g==")
def test_decrypt_raises_value_error_short_secret1(self): with self.assertRaises(ValueError): splunk_secret = base64.b64encode(os.urandom(255))[:15] splunksecrets.decrypt(splunk_secret, "$1$n6g0W7F51ZAK")